leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2015-10-07	[bug] Fix removal of webapp apache config file	varac
	Done by including a service-dependend site_config::remove::webapp class.
2015-10-07	Merge branch 'develop' of gitlab.com:leap/platform into develop	varac

2015-10-06	[feat] Remove tapicero from more places	varac
	Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501
2015-10-06	[feat] remove tapicero leftovers	varac
	Soledad now creates user-dbs, which has been done by tapicero in the past. we need to remove any leftovers from tapicero.
2015-10-05	Merge branch 'bugfix/virtualaliases' into develop	elijah

2015-10-05	Merge branch 'feature/firewall' into develop	elijah

2015-10-05	Merge branch 'soledad_userdb_creation' into develop	varac

2015-10-05	[feat] Create-user-db: use couchdb admin rights	varac
	- create soledad-admin user - deploy netrc file for userdb creation - Move soledad-server.conf from /etc/leap to /etc/soledad - make soledad-server.conf group-accessible for the soledad group, so the soledad-admin user can read it - Resolves: #7502
2015-10-01	Merge remote-tracking branch 'alster-hamburgers/invite_codes' into develop	varac

2015-09-30	fix missing service dependency error	Micah
	this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
2015-09-30	Fix server-status availability to tor hidden services (#7456)	Micah Anderson
	Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
2015-09-30	Merge remote-tracking branch 'gitlab/develop' into develop	Micah

2015-09-30	Fix server-status availability to tor hidden services (#7456)	Micah Anderson
	Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
2015-09-30	Merge branch 'bug/server-status_7456' into 'develop'	varac
	Fix server-status availability to tor hidden services (#7456) Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb See merge request !73
2015-09-30	Merge branch 'develop' into 'develop'	varac
	fix missing service dependency error this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e See merge request !77
2015-09-28	Create invite code db and design docs	ankonym

2015-09-28	Merge pull request #82 from Alster-Hamburgers/invite_codes	varac
	Modify config.yml.erb to include the invite code option
2015-09-28	Modify config.yml.erb to include the invite code option	ankonym

2015-09-28	[feat] Vagrant: forward leap_web ports 443 ad 80	varac

2015-09-24	add spf to compile zone, closes #5925	elijah

2015-09-24	do not remove /var/log/leap/mx.log.*, this is where leap_mx is logging.	elijah

2015-09-24	allow certain aliases, like 'abuse', to be publicly forwardable.	elijah

2015-09-24	added firewall information to nodes (needed for `leap compile firewall`)	elijah

2015-09-24	fix missing service dependency error	Micah
	this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
2015-09-24	Remove no longer used vhost for leap_webapp (#7475)	Micah
	The configuration /etc/apache/sites-enabled/leap_webapp.conf was never removed after 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 made it obsolete, and because it exists on older systems, it is being used instead of the correct common.conf. This removes it and reloads apache. Change-Id: Ic4c9901f4bba869ecb3dfe5362dfd1971570f89a
2015-09-20	automatic update of submodule apt	kwadronaut

2015-09-15	fix vagrant ssh private key path	elijah

2015-09-15	Fix server-status availability to tor hidden services (#7456)	Micah Anderson
	Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
2015-09-15	Merge branch 'feature/rewrite_openpgp_header_7413' into develop	Micah Anderson
	Change-Id: I42a1ef661dc55fb8110e82e930f67679c3dff1f8
2015-09-15	make couchdb.admin.yml only readable by root, make non-admin cron run as ↵	elijah
	webapp user.
2015-09-15	service definition .json files should not refer to properties inherited from ↵	elijah
	common.json. closes #7423
2015-09-15	minor linting	Micah Anderson
	Change-Id: If92faee5f877301bf23564d5b6e71c4b1263de54
2015-09-15	fix incorrect name for vagrant ssh public key file	elijah

2015-09-14	Added help/warning if running tunnel command without TCP forwarding enabled.	elijah

2015-09-14	Merge remote-tracking branch 'micah/hiera_defaults_7443' into develop	varac

2015-09-11	Merge branch 'bugfix/mxaliases' into develop	elijah

2015-09-11	switch aliases to use virtual_alias_maps	elijah

2015-09-11	Merge remote-tracking branch 'elijah/feature/sshconfig' into develop	Micah Anderson

2015-09-10	sshd: let nodes change default AllowTcpForwarding	elijah

2015-09-10	fix various problems with webapp config generation	elijah

2015-09-10	Make sure hiera values have valid defaults if they are not specified (#7443)	Micah Anderson
	Change-Id: Ib701886ad26c5e39ccd669fadca81404b5c0426a
2015-09-10	Fix clients being blocked by RBLs (#7431)	Micah Anderson
	Valid users submitting mail to be delivered should not be blocked by configured RBLs. Settings in main.cf are valid and used globally, unless they are overridden in master.cf for specific Postfix daemons. We have set in main.cf the smtp_client_restrictions parameter to check for configured rbls, so we need to override that and empty it in order to allow valid clients to send mail, even when their IP is listed in an RBL. Note: most users will typically be connecting via VPN, so their IP would typically be replaced by the VPN gateway one, but there are cases where this is still useful. Change-Id: Ie4171113c78ae2814402a1ed9b5343280cbf79d1
2015-09-10	Merge branch 'develop' of ssh://code.leap.se/leap_platform into develop	varac

2015-09-10	Don't exit after failed deploy	varac
	Sometimes only trivial things fail that doesn't affect basic functionallity. Change-Id: I9d9d1a531a11e6eeee6fd823a51bb02e99771ec2
2015-09-10	use vagrant user for configuring provider with leap_cli (new leap_cli ↵	varac
	version complain when called by root) we don't need to enable ssh pw auth because we're now using the vagrant user that has ssh key-based auth configured already. Change-Id: I5e28e6f5c71724573ff11def5b96142e8eb8b185
2015-09-10	moved leap_cli installation to leap module	varac
	Change-Id: I385f7877d0816456e7c57179511604645a4740bc
2015-09-09	ensure that the webapp has the service levels config it requires.	elijah

2015-09-09	updates to zone compile and tags/development.json to be compatible with the ↵	elijah
	definition of 'domain' in provider.env.json.
2015-09-08	rewrite openpgp header to be always correct (#7413)	Micah Anderson
	The openpgp header added by the client is sometimes incorrect, because the client doesn't actually know what the proper URL is for the webapp. The server knows, however. Change-Id: I2243b19a6337d8e0be97590e2ca9c9c0b0fffdac
2015-09-03	make couchdb.admin.yml only readable by root, make non-admin cron run as ↵	elijah
	webapp user.